Mapping & Analysis: NIST Cybersecurity Framework to Risk Management Framework 800-53 Security Controls

• Organization: National Institute of Technology (NIST)
• Data Source: Cybersecurity Framework v1.1
• Data Source: NIST 800-53

NIST has provided a cross walk from the Cybersecurity Framework (CSF) to the Risk Management Framework (RMF) 800-53 security controls. The bar chart below displays these blended data sets. Here is some summary count info by CSF Function:

1. Identify (ID) = 81 security controls
2. Protect (PR) = 140 security controls
3. Detect (DE) = 55 security controls
4. Respond (RS) = 23 security controls
5. Recover (RC) = 4 security controls

Link to the corresponding table chart - here.